Weekly Tip! Real Facebook Page, Fake Facebook Support
Facebook pages are typically used by organizations and public figures to connect with their community. Anyone can make a Facebook page, even cybercriminals. Using social media, cybercriminals spoof brands and organizations to trick people into trusting them. In this recent scam, cybercriminals use real Facebook pages to impersonate Facebook itself.
The scam starts with a fake email that looks like it’s from Facebook. The email states that your account has been deactivated and will be deleted in 48 hours unless you click a link. If you click the link, you’re taken to a real Facebook post from a page named “Page Support” that uses the Facebook logo. The post directs you to click another suspicious link that takes you to a fake login page. If you enter your login credentials, you’ll give cybercriminals access to your Facebook profile and the ability to scam your friends and family.
Don’t be fooled! Follow the tips below to stay safe from similar scams:
- Watch out for a sense of urgency in emails. Phishing attacks rely on impulsive actions, so always think before you click.
- Remember that this type of attack isn’t exclusive to Facebook. Cybercriminals could use this technique on any other social media platform.
- If you receive an urgent notification, verify that it's legitimate. Navigate directly to the organization's website or official app to view details.
The KnowBe4 Security Team
Weekly Tip! Fake Cryptocurrency Job Openings on LinkedIn
Recruiters often use LinkedIn, a popular professional networking platform, to reach out to potential candidates about job opportunities. Unfortunately, cybercriminals send fake job opportunities through LinkedIn. Currently, they're taking advantage ...
Weekly Tip! EvilProxy and URLs
About a week ago, researchers uncovered a new "phishing-for-hire" tool called EvilProxy. The tool sends standard phishing emails to recipients, but it implements some advanced hacking techniques to dramatically increase the odds of taking over your ...
Weekly Tip! Email Scams from University Domains
Most universities provide students with email addresses from the university’s official domain. For example, a student's email address could be firstname[at]harvard[dot]edu. Since these email addresses use real university domains, cybercriminals try ...
Weekly Tip! Holiday Gift Giving Gone Bad
Well, the holidays are officially upon us, and phishers are looking forward to their ill-gotten gains. In the spirit of "nothing new under the sun," phishers are keeping up their old techniques, spanning everything from texts to emails, all urging us ...
Weekly Tip! Twitter Blue Scams
Elon Musk, the CEO of Tesla, recently purchased the social media platform Twitter. Since this purchase, Twitter started allowing users to pay for a monthly subscription called “Twitter Blue.” Twitter Blue displays a blue verification checkmark next ...